– CVE-2018-16986 and CVE-2018-7080– affected chips are embedded in devices of Cisco, Meraki, Aruba and others– Cisco and Aruba state that BLE chips are disabled by default– most suppliers released patches